Dridex malware

Related Terms

Dridex is a strain of banking malware that leverages macros in Microsoft Office to infect systems. Once a computer has been infected, Dridex attackers can steal banking credentials and other personal information on the system to gain access to the financial records of a user.

Dridex operates by first arriving on a user's computer as a malicious spame-mail with a Microsoft Word document attached to the message. If the user opens the document, a macro embedded in the document surreptitiously triggers a download of the Dridex banking malware, enabling it to first steal banking credentials and then attempt to generate fraudulent financial transactions.

Evolving from Cridex and ZeuS

Dridex is an evolution of the Cridex malware, which itself is based on the ZeuSTrojan Horse malware. According to security firm Trustwave, the Dridex banking malware initially spread in late 2014 via a spam campaign that generated upwards of 15,000 emails each day. The attacks primarily focused on systems located in the United Kingdom.